Zscaler

Integration

Zscaler services enable customers to move securely to a modern cloud architecture. The Zscaler cloud connects users to applications, regardless of where users connect or where the applications are hosted, while providing comprehensive security and a fast user experience. Zscaler offers two service suites that eliminate the cost and complexity of gateway appliances. Zscaler Internet Access securely connects users to internet and SaaS applications, scanning every byte of traffic to protect against cyber threats and data leakage. Zscaler Private Access provides fast access to internal applications hosted in the data center or public clouds—without the need for a VPN.

Webroot

Threat Intelligence

Webroot delivers next-generation endpoint security and threat intelligence services to protect businesses and individuals around the globe. Our smarter approach harnesses the power of cloud-based collective threat intelligence derived from millions of real-world devices to stop threats in real time and help secure the connected world.

Wapack Labs

Threat Intelligence

Founded in 2013, Wapack Labs is a privately held cyber intelligence and threat analysis firm serving companies and organizations around the globe by providing early warning threat detection through internet surveillance operations, data gathering, and in-depth analysis of economic, financial, and geopolitical issues. Intelligence information is shared with clients through an array of packages to meet both their cyber security needs and their bottom line.

VirusTotal

Enrichment

VirusTotal inspects items with over 60 antivirus scanners and URL/domain blacklisting services, in addition to a myriad of tools to extract signals from the studied content. Any user can select a file from their computer using their browser and send it to VirusTotal. VirusTotal offers a number of file submission methods, including the primary public web interface, desktop uploaders, browser extensions and a programmatic API. The web interface has the highest scanning priority among the publicly available submission methods. Submissions may be scripted in any programming language using the HTTP-based public API.

Tripwire

Integration

Tripwire delivers advanced threat, security and compliance solutions used by over 9,000 organizations, including over 50% of the Fortune 500. Tripwire enables enterprises, service providers and government agencies around the world to detect, prevent and respond to cyber security threats.

Tanium

Integration

Tanium gives the world’s largest enterprises and government organizations the unique power to secure, control and manage millions of endpoints across the enterprise within seconds. Serving as the “central nervous system” for enterprises, Tanium empowers security and IT operations teams to ask questions about the state of every endpoint across the enterprise in plain English, retrieve data on their current state and execute change as necessary, all within seconds. With the unprecedented speed, scale and simplicity of Tanium, organizations now have complete and accurate information on the state of endpoints at all times to more effectively protect against modern day threats and realize new levels of cost efficiency in IT operations.

Symantec DeepSight

Threat Intelligence

Symantec sees more threats, and protects more customers from the next generation of attacks. Symantec DeepSight addresses every stage of the attack lifecycle with industry-leading threat intelligence, advanced monitoring, incident response, and cyber skills development services.

Soltra

Enrichment

Soltra Edge® is an industry-driven software that automates processes to share, receive, validate and act on cyber threat intelligence. It enables an end-to-end community defense model and changes the posture of cybersecurity defenders from reactive to proactive. Soltra Edge is the most widely used Cyber Threat Communications Platform for two-way sharing of cybersecurity information among peers, trust groups, communities and government.

Snort

Integration

Snort is an open source network intrusion prevention system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching, and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more.

RSA NetWitness

Integration

RSA® Business-Driven Security™ solutions uniquely link business context with security incidents to help organizations manage risk and protect what matters most. RSA solutions are designed to effectively detect and respond to advanced attacks; manage user identities and access; and reduce business risk, fraud and cybercrime. RSA protects millions of users worldwide and works with more than 90 percent of the Fortune 500.

Phantom Cyber

Security

Phantom is leading a revolution in the Security Operations Center (SOC) with the first community-powered security automation & orchestration platform. Phantom's mission is to close the security gap by enabling teams to work smarter, respond faster, and strengthen their defenses.

Palo Alto Networks

Integration

Palo Alto Networks is the next-generation security company maintaining trust in the digital age by helping tens of thousands of organizations worldwide prevent cyber breaches. With our deep cybersecurity expertise, commitment to innovation, and game-changing Next-Generation Security Platform, customers can confidently pursue a digital-first strategy and embark on new technology initiatives, such as cloud and mobility. This kind of thinking and know-how helps customer organizations grow their business and empower employees all while maintaining complete visibility and the control needed to protect their critical control systems and most valued data assets.

Okta

Integration

Okta is the foundation for secure connections between people and technology. Our IT products uniquely use identity information to grant people access to applications on any device at any time, while still enforcing strong security protections. Our platform securely connects companies to their customers and partners. Today, thousands of organizations trust Okta to help them fulfill their missions as quickly as possible.

NSS Labs

Integration

NSS Labs, Inc. is the global leader in operationalizing cybersecurity, empowering enterprises by providing relevant information to reduce the operational burden of cybersecurity and address crucial gaps in their cybersecurity efforts. Our unmatched and well-respected foundation in security testing, along with our enterprise research and global threat analysis capabilities, provide the basis for our CAWS Continuous Security Validation Platform, an advanced platform that substantiates the effectiveness of enterprise security controls and uncovers unmitigated risks to enterprise systems. Using fact-based threat data and objective risk information, CAWS enables businesses to strengthen their cyber risk posture, continuously validate their security controls and take timely action to mitigate threats to their Operating Systems and applications. CISOs, Chief Security Architects, SOC and Threat Analysts, and SOC and information security professionals from many of the world's largest and most demanding enterprises rely on trusted insights from NSS Labs.

Micro Focus

Integration

Micro Focus is a global software company with 40 years of experience in delivering and supporting enterprise software solutions that help customers innovate faster with lower risk. Our portfolio enables our 20,000 customers to build, operate and secure the applications and IT systems that meet the challenges of change. We are a global software company, committed to enabling customers to both embrace the latest technologies and maximize the value of their IT investments. Everything we do is based on a simple idea: the fastest way to get results from new technology investments is to build on what you have, in essence bridging the old and the new.

Maltego

Enrichment

Maltego servers can be deployed within your organization, meaning that instead of having your transforms run over Paterva’s infrastructure, you can host your transform servers on infrastructure you control. An internal server gives you the ability to integrate with your structured internal data and leverage internal processes, as well as the ability to distribute these transforms across your enterprise.

Lastline

Security

Lastline provides breach protection products that are innovating the way companies defend against advanced malware. We deliver the visibility, context, analysis, and integrations enterprise security teams need to quickly and completely eradicate malware-based threats before a damaging and costly data breach occurs. Headquartered in Redwood City, California with offices throughout North America, Europe and Asia, Lastline’s technology is used by Global 5000 enterprises, is offered directly and through resellers and security service providers, and is integrated into leading third-party security technologies worldwide.

Joe Security

Security

Joe Security specializes in the development of automated malware analysis systems for malware detection and forensics. Based on the idea of deep malware analysis and a multi-technology platform, Joe Security has developed unique technologies to analyze malware at a depth previously not possible. Joe Security provides malware analysis systems as a cloud service or as a standalone software package on premise. Analysis targets include Windows, Mac, Android and iOS at any scale. With its products, Joe Security empowers CERTs, CIRTs, SOCs, malware analysts and incident responders around the world to detect and deeply understand malware.

ISight Partners

Threat Intelligence

FireEye iSIGHT Threat Intelligence is a proactive, forward-looking means of qualifying threats poised to disrupt your business based on the intents, tools and tactics of the attacker. Our high-fidelity, comprehensive intelligence delivers visibility beyond the typical attack lifecycle, adding context and priority to global threats before, during and after an attack. It helps mitigate risk, bolster incident response, and enhance your overall security ecosystem. Get the intel you need to predict attack and refocus your attention on what matters most to your business.

Infoblox

Integration

Infoblox delivers Actionable Network Intelligence to enterprise, government, and service provider customers around the world. We are the industry leader in DNS, DHCP, and IP address management, the category known as DDI. We empower thousands of organizations to control and secure their networks from the core—enabling them to increase efficiency and visibility, improve customer service, and meet compliance requirements.

iDefense

Threat Intelligence

iDefense empowers its customers’ environments with contextual, timely and actionable security intelligence, enabling businesses and governments to make smarter decisions to defend against new and evolving threats.

IBM Resilient

Security

IBM Resilient’s mission is to help organizations thrive in the face of any cyberattack or business crisis. The industry’s leading Incident Response Platform (IRP) empowers security teams to analyze, respond to, and mitigate incidents faster, more intelligently, and more efficiently. The Resilient IRP is the industry’s only complete IR orchestration and automation platform, enabling teams to integrate and align people, processes, and technologies into a single incident response hub. With Resilient, security teams can have best-in-class response capabilities. IBM Resilient has more than 200 global customers, including 50 of the Fortune 500, and hundreds of partners globally.

Hadoop

Integration

Hadoop is an open-source software framework for storing data and running applications on clusters of commodity hardware. It provides massive storage for any kind of data, enormous processing power and the ability to handle virtually limitless concurrent tasks or jobs.

Group-IB

Threat Intelligence

Group-IB is one of the global leaders in preventing and investigating high-tech crimes and online fraud. Since 2003, the company has been active in the field of computer forensics and information security, protecting the largest international companies against financial losses and reputation risks.

Georgia Tech Research Institute (GTRI)

Threat Intelligence

The Georgia Tech Research Institute is a highly-regarded applied research and development organization. Each day, GTRI’s science and engineering expertise is used to solve some of the toughest problems facing government and industry across the nation and around the globe. GTRI redefines innovation by tackling customers’ most complex challenges with the right mix of expertise, creativity and practicality. Our expert scientists and engineers turn ideas into workable solutions and then put those solutions into action. GTRI has 76 active US Letters Patents, 43 pending US patent applications and 15 pending provisional applications in the United States.

Flashpoint

Threat Intelligence

Flashpoint strives to empower their customers to make better decisions in support of their customers' business or mission by gathering the most salient data publicly available on the internet and providing meaningful, timely, relevant, and actionable insights through a fusion of technology and subject matter expertise. Their ultimate goal is to make the world a safer place by empowering people and organizations everywhere to detect, understand, and mitigate the risks that matter to them the most.

FireEye

Threat Intelligence, Integration

FireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and our world-renowned Mandiant consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 5,800 customers across 67 countries, including more than 40 percent of the Forbes Global 2000.

Facebook ThreatExchange

Threat Intelligence

Most threat intelligence solutions suffer because the data is too hard to standardize and verify. Facebook created the ThreatExchange platform so that participating organizations can share threat data using a convenient, structured, and easy-to-use API that provides privacy controls to enable sharing with only desired groups.

Digital Shadows

Threat Intelligence

Digital Shadows monitors and manages an organization’s digital risk across the widest range of data sources within the visible, deep and dark web to protect the company’s business and reputation. The Digital Shadows SearchLight™ service combines the industry’s most comprehensive and scalable data analytics with human data security experts to protect an organization from digital risks.

CyberSponse

Security

CyberSponse enables companies to defend and counter attackers through a unique and collaborative security operations platform that facilitates comprehensive incident response lifecycle management. Founded in 2011, CyberSponse is a leading provider of automated incident response (IR) solutions for cyber security threat management. Most security groups within organizations today use Word, Excel, and internal email to manage their daily security operations. CyberSponse takes a different approach and believes that an automated and transparent view of SecOps efforts and true situational awareness for all levels of management is required for proactive management of the complexity of IT Security. The CyberSponse technology platform dramatically improves the efficiency and the effectiveness of the daily SecOps team’s efforts against cyber-attacks by providing a centralized system for managing, monitoring, reporting, and analyzing an organization’s entire IT Security infrastructure and processes.

Cuckoo

Security

Cuckoo Sandbox is a malware analysis system. In other words, you can throw any suspicious file at it and in a matter of seconds Cuckoo will give you back detailed results outlining what the file did when executed inside an isolated environment. Malware is the Swiss-army knife of cybercriminals and any other adversary to your corporation or organization. In these evolving times, detecting and removing malware artifacts is not enough: it's vitally important to understand how they operate in order to understand the context, the motivations and the goals of a breach, and so to protect better in the future. Cuckoo Sandbox is free software that automates the task of analyzing any malicious file under Windows, OS X, Linux, and Android.

CSIS Security Group

Threat Intelligence

We're an independent cyber security services company with a single focus - detecting and mitigating threats to protect our customers’ assets, brands and users. We create value by sharing our threat intelligence expertise, and help protect some of the world's largest commercial enterprises. Trusted by law enforcement agencies, government, business and news media, we are more than 60 cyber security professionals from over 20 countries.

CrowdStrike

Threat Intelligence, Integration

CrowdStrike™ is a leading provider of next-generation endpoint protection, threat intelligence, and services. CrowdStrike Falcon enables customers to prevent damage from targeted attacks, detect and attribute advanced malware and adversary activity in real time, and effortlessly search all endpoints reducing overall incident response time. CrowdStrike customers include some of the largest blue chip companies in the financial services, energy, oil & gas, telecommunications, retail, and technology sectors, along with some of the largest and most sophisticated government agencies worldwide.

Cofense

Threat Intelligence

Cofense focuses on engaging the human – your last line of defense after a phish bypasses other technology – and enabling incident response teams to quickly analyze and respond to targeted phishing attacks.

Cloudera

Integration

Cloudera delivers the modern platform for machine learning and advanced analytics built for the cloud. The world’s leading organizations trust Cloudera to help solve their most challenging business problems by efficiently capturing, storing, processing and analyzing vast amounts of data.

Cisco Umbrella

Enrichment

Cisco Umbrella is a cloud security platform that provides the first line of defense against threats on the internet wherever users go. And because it’s built into the foundation of the internet and delivered from the cloud, Umbrella is the simplest security product to deploy and delivers powerful, effective protection. The intelligence from Cisco Umbrella Investigate provides the most complete view of the relationships and evolution of internet domains, IPs, and malware, and adds the security context needed to uncover and predict threats.

Cisco AMP Threat Grid

Threat Intelligence

Cisco® Threat Grid combines two of the leading malware protection solutions: unified malware analysis and context-rich intelligence. It empowers security professionals to proactively defend against and quickly recover from cyber attacks. Cisco Threat Grid crowd-sources malware from a closed community and analyzes all samples using proprietary, highly secure techniques that include static and dynamic (sandboxing) analysis. It correlates the results with hundreds of millions of other analyzed malware artifacts to provide a global view of malware attacks, campaigns, and their distribution. Security teams can quickly correlate a single sample of observed activity and characteristics against millions of other samples to fully understand its behaviors in a historical and global context.

Check Point

Integration

Check Point Software Technologies Ltd., the largest pure-play security vendor globally, provides industry-leading solutions, and protects customers from cyberattacks with an unmatched catch rate of malware and other types of attacks. Check Point offers a complete security architecture defending enterprises’ networks to mobile devices, in addition to the most comprehensive and intuitive security management. Check Point first pioneered the industry with FireWall-1 and its patented stateful inspection technology.

Carbon Black

Integration

Carbon Black leads a new era of endpoint security by enabling organizations to disrupt advanced attacks, deploy the best prevention strategies for their business, and leverage the expertise of 10,000 professionals from IR firms, MSSPs and enterprises to shift the balance of power back to security teams. Only Carbon Black continuously records and centrally retains all endpoint activity, making it easy to track an attacker’s every action, instantly scope every incident, unravel entire attacks and determine root causes. Carbon Black also offers a range of prevention options so organizations can match their endpoint defense to their business needs. Carbon Black has been named #1 in endpoint protection, incident response, and market share. Forward-thinking companies choose Carbon Black to arm their endpoints, enabling security teams to: Disrupt. Defend. Unite.

BroIDS

Integration

Bro is a passive, open-source network traffic analyzer. It is primarily a security monitor that inspects all traffic on a link in depth for signs of suspicious activity. More generally, however, Bro supports a wide range of traffic analysis tasks even outside of the security domain, including performance measurements and helping with trouble-shooting.

BlueCoat

Integration

Blue Coat, Inc. is a leading provider of advanced web security solutions for global enterprises and governments, protecting 15,000 organizations including over 70 percent of the Fortune Global 500. Through the Blue Coat Security Platform, Blue Coat unites network, security and cloud, protecting enterprises and their users from cyber threats – whether they are on the network, on the web, in the cloud or mobile.